[igt-dev] [PATCH i-g-t 2/3] lib/aux: Call setgroups() in igt_drop_root() before setgid()
Lyude
lyude at redhat.com
Wed May 8 20:15:11 UTC 2019
From: Lyude Paul <lyude at redhat.com>
While igt isn't really security sensitive, forgetting to call
setgroups() before calling setgid() causes rpmlint on Fedora to
complain:
igt-gpu-tools.x86_64: E: missing-call-to-setgroups-before-setuid
/usr/lib64/libigt.so.0
...
missing-call-to-setgroups-before-setuid:
This executable is calling setuid and setgid without setgroups or
initgroups. There is a high probability this means it didn't relinquish
all groups, and this would be a potential security issue to be fixed.
Seek POS36-C on the web for details about the problem.
Since it's likely other package maintainers for other distros will have
to deal with similar issues eventually, and I can't see any harm in it,
let's do the right thing and call setgroups() first.
Signed-off-by: Lyude Paul <lyude at redhat.com>
---
lib/igt_aux.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/igt_aux.c b/lib/igt_aux.c
index caed1fed..578f8579 100644
--- a/lib/igt_aux.c
+++ b/lib/igt_aux.c
@@ -49,6 +49,7 @@
#include <sys/utsname.h>
#include <termios.h>
#include <assert.h>
+#include <grp.h>
#include <proc/readproc.h>
#include <libudev.h>
@@ -959,9 +960,11 @@ void igt_drop_root(void)
{
igt_assert_eq(getuid(), 0);
+ igt_assert_eq(setgroups(0, NULL), 0);
igt_assert_eq(setgid(2), 0);
igt_assert_eq(setuid(2), 0);
+ igt_assert_eq(getgroups(0, NULL), 0);
igt_assert_eq(getgid(), 2);
igt_assert_eq(getuid(), 2);
}
--
2.20.1
More information about the igt-dev
mailing list